What’s Driving the Surge in Ransomware Attacks?

As the United States emerges from the coronavirus lockdown, digital experts are combating a “pandemic of a different variety,” as the former head of U.S. cybersecurity Chris Krebs warned in May.

By Matt Stieb


On several occasions in the past seven months, ransomware attacks have shut down large sectors of the American economy, with hackers taking advantage of lax security measures for an easy payday. The concept is fairly simple: Hackers use malicious software to break into and encrypt a company’s data, then hold it ransom until the victim pays up, often in seven-figure installments.


The Biden administration has made stopping these extremely disruptive attacks a national-security priority, but many experts still think that the worst may be ahead of us. Here’s what you need to know about the recent string of attacks and what’s being done to stop them.

Which businesses have been attacked?

Cyber attacks have become a serious problem for the private sector in recent months:

  • In June, an attack on the multi-national meat manufacturer JBS S.A. closed off a quarter of American beef operations for two days, as the firm shut down its computer systems to limit the scale of the breach.

  • In May, a cyberattack on Colonial Pipeline forced the company to shut off gasoline supply to much of the Eastern Seaboard, resulting in shortages throughout the South. That same month, an attack shut down the databases of a hospital system in San Diego for two weeks.

  • In April, hackers claimed to have stolen 500 gigabytes of data from the Houston Rockets, including contracts and non-disclosure agreements.

  • In March, CNA Financial Corp, one of the largest insurance companies in the U.S., was locked out of their network for almost two weeks following a breach.

  • And in February hackers accessed a water-treatment plant in Oldsmar, Florida, briefly raising the lye in drinking water to dangerous levels.

These are some of the most damaging break-ins, but they are far from the only examples: One security firm that tracks ransomware attacks estimated that there were some 65,000 successful breaches in 2020. Around the time that Colonial Pipeline’s system was compromised, Homeland Security Secretary Alejandro Mayorkas estimated that $350 million in ransom payments were handed out to groups engaging in ransomware schemes last year.

What is a ransomware attack?